When the mobile app is free, the product is your personal data
| DOI | https://doi.org/10.1108/DPRG-11-2018-0068 |
| Date | 08 March 2019 |
| Published date | 08 March 2019 |
| Pages | 89-101 |
| Author | Spyros E. Polykalas,George N. Prezerakos |
| Subject Matter | Information & knowledge management,Information management & governance,Information policy |
When the mobile app is free, the product
is your personal data
Spyros E. Polykalas and George N. Prezerakos
Abstract
Purpose –Mobile devices (smartphones, tables etc.) have become the de facto means of
accessing the internet. While traditional Web browsing is still quite popular, significant interaction
takes place via native mobile apps that can be downloaded either freely or at a cost. This has
opened the door to a number of issues related to privacy protection since the smartphone stores
and processes personal data. The purpose of this paper is to examine the extent of access to
personal data, required by the most popular mobile apps available i n Google Play store. In addition,
it is examined whether the relevant procedure is in accordance with the provisi ons of the new EU
Regulation.
Design/methodology/approach –The paper examines more than a thousand mobileapps, available
from the Google Play store, with respect to the extent of the requests for access to personal data. In
particular, for each available category in Google Play store, the most popular mobile apps have been
examined both for free and paid apps. In addition, the permissions required by free and paid mobile
apps are compared. Furthermore, a correlation analysis is carried out aiming to reveal any correlation
between the extentof required access to personal data and the popularityand the rating of each mobile
app.
Findings –The findings of this papersuggest that the majority of examined mobile apps requireaccess
to personal data to a high extent.In addition, it is found that free mobile apps request access to personal
data in a higher extent comparedto the relevant requests by paid apps, which indicates stronglythat the
business model of free mobile apps is basedon personal data exploitation. The most popular types of
access permissionsare revealed for both free and paid apps.In addition, important questions are raised
in relation to user awareness andbehavior, data minimization and purpose limitation for free and paid
mobileapps.
Originality/value –In this study, the process and the extentof access to personal data through mobile
apps are analyzed. Although severalstudies analyzed relevant issues in the past, the originality of this
research is mainly basedon the following facts: first, this work took into account the recentRegulation of
the EU in relation to personal data (GDPR); second, the authors analyzed a high number of the most
popular mobile apps (more than a thousand);and third, the authors compare and analyze the different
approachesfollowed between free and paid mobileapps.
Keywords Privacy, Mobile apps, Personal data, GDPR, Google play store
Paper type Research paper
1. Introduction
Currently, a significant percentage of internet access takes place via smartphones, tablets
and other mobile devices. Users are not confined to Web browsing, e-mail and similar
traditional internet services; they are able to choose between a large number of apps
(available via Google Play and other online stores) and download them in their device.
However, these apps require, to a lesser or greater extent, access to specific functions of
the smartphone, as well as to specific partsof the storage, all related to personal data. The
requirement for handing over personal data to third-party services also existed in desktop
and laptop computers, Facebook and Google immediately come to mind as the most usual
suspects in this case. However, the mobile phone also collects very detailed location data,
Spyros E. Polykalas is a
Professor at the Ionian
University, Kefalonia,
Greece.
George N. Prezerakos is a
Professor at the University
of West Attica, Egaleo,
Greece.
Received 15 November 2018
Revised 7 December 2018
Accepted 10 December 2018
DOI 10.1108/DPRG-11-2018-0068 VOL. 21 NO. 2 2019, pp. 89-101, ©Emerald Publishing Limited, ISSN 2398-5038 jDIGITAL POLICY, REGULATION AND GOVERNANCE jPAGE 89
To continue reading
Request your trial